332
CHAPTER 8 | Make secure .NET Microservices and Web Applications
code and making sure not to store secrets in source control. Instead, you should use the ASP.NET
Core configuration model to read the secrets from more secure locations.
You must separate the secrets for accessing development and staging resources from the ones used
for accessing production resources, because different individuals will need access to those different
sets of secrets. To store secrets used during development, common approaches
are to either store
secrets in environment variables or by using the ASP.NET Core Secret Manager tool. For more secure
storage in production environments, microservices can store secrets in an Azure Key Vault.
Dostları ilə paylaş: